Description
The dccscan setuid program in LPPlus does not properly check if the user has the permissions to print the file that is specified to dccscan, which allows local users to print arbitrary files.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Dixie Flatline · textlocalunix
https://www.exploit-db.com/exploits/20193
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/5201
Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-08/0531.html
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1644
Scores
EPSS
0.0034
EPSS Percentile
56.8%
Details
Status
published
Products (2)
plus_technologies/lpplus
3.2.2
plus_technologies/lpplus
3.3
Published
Nov 14, 2000
Tracked Since
Feb 18, 2026